SUSE SLED15 / SLES15 Security Update : xorg-x11-server (SUSE-SU-2020:2241-1)

This update for xorg-x11-server fixes the following issues : CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...

SUSE SLES12 Security Update : xorg-x11-server (SUSE-SU-2020:2325-1)

This update for xorg-x11-server fixes the following issues : CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...

CVE-2020-17395

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17395

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

CVE-2020-17395

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

SUSE-SU-2020:2240-1 Security update for xorg-x11-server

This update for xorg-x11-server fixes the following issues: - CVE-2020-14347: Leak of uninitialized heap memory from the X server to clients on pixmap allocation bsc1174633, ZDI-CAN-11426. - CVE-2020-14346: XIChangeHierarchy Integer Underflow Privilege Escalation Vulnerability bsc1174638,...

CVE-2020-14362

A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2020-14361

A flaw was found in X.Org Server. An Integer underflow leading to heap-buffer overflow may lead to a privilege escalation vulnerability. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

CVE-2020-14346

A flaw was found in xorg-x11-server. A integer underflow in the X input extension protocol decoding in the X server may lead to arbitrary access of memory contents. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability...

xorg-server -- Multiple input validation failures in X server extensions

The X.org project reports: All theses issuses can lead to local privileges elevation on systems where the X server is running privileged. The handler for the XkbSetNames request does not validate the request length before accessing its contents. An integer underflow exists in the handler for the...

Parallels Desktop Integer Underflow Elevation of Privilege Vulnerability

Parallels Desktop is a virtual machine software that runs on Mac computers. An integer underflow elevation of privilege vulnerability exists in the prlnaptd process in versions prior to Parallels Desktop 16.0.0 48916. The vulnerability stems from a lack of proper validation of user-supplied data...

Parallels Desktop Networking Service Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the prlnapt...

Huawei EulerOS: Security Advisory for ntfs-3g (EulerOS-SA-2020-1816)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : ntfs-3g (EulerOS-SA-2020-1816)

According to the version of the ntfs-3g packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - An integer underflow issue exists in ntfs-3g 2017.3.23. A local attacker could potentially exploit this by running /bin/ntfs-3g with specially...

NTFS-3G: Remote code execution, possible privilege escalation

Background NTFS-3G is a stable, full-featured, read-write NTFS driver for various operating systems. Description An integer underflow issue exists in NTFS-3G which may cause a heap buffer overflow with crafted input. Impact A remote attacker may be able to execute arbitrary code while a local...

GLSA-202007-45 : NTFS-3G: Remote code execution, possible privilege escalation

The remote host is affected by the vulnerability described in GLSA-202007-45 NTFS-3G: Remote code execution, possible privilege escalation An integer underflow issue exists in NTFS-3G which may cause a heap buffer overflow with crafted input. Impact : A remote attacker may be able to execute...

Microsoft Windows JET Database Engine Integer Underflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the JET database...

Oracle VirtualBox e1000 Integer Underflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

Palo Alto Networks PAN-OS 9.1.x < 9.1.3 Integer Underflow Vulnerability

The version of Palo Alto Networks PAN-OS running on the remote host is 9.1.x prior to 9.1.3. It is, therefore, affected by an integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface. This allows authenticated administrators to issue a command from the command...

CVE-2020-2031

An integer underflow vulnerability in the dnsproxyd component of the PAN-OS management interface allows authenticated administrators to issue a command from the command line interface that causes the component to stop responding. Repeated attempts to send this request result in denial of service ...